kudzues/dify
1
0
Fork 0
mirror of https://github.com/langgenius/dify.git synced 2026-04-05 19:59:21 +08:00
Code Issues Packages Projects Releases Wiki Activity

fix: resolve CSRF token cookie name mismatch in browser (#28228) (#28378)

Browse Source 
Co-authored-by: Claude <noreply@anthropic.com>
This commit is contained in:
Chen Jiaju
2025-11-20 11:40:35 +08:00
committed by GitHub
parent 4833d39ab3
commit f038aa4746
4 changed files with 8 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
web/config/index.ts
View File

@@ -144,7 +144,11 @@ export const getMaxToken = (modelId: string) => {
export const LOCALE_COOKIE_NAME = 'locale'
const COOKIE_DOMAIN = (process.env.NEXT_PUBLIC_COOKIE_DOMAIN || '').trim()
const COOKIE_DOMAIN = getStringConfig(
process.env.NEXT_PUBLIC_COOKIE_DOMAIN,
DatasetAttr.DATA_PUBLIC_COOKIE_DOMAIN,
'',
).trim()
export const CSRF_COOKIE_NAME = () => {
if (COOKIE_DOMAIN) return 'csrf_token'
const isSecure = API_PREFIX.startsWith('https://')